Leveraging industry collaboration to tackle the rising security skills shortage
Bogdan Botezatu, Senior E-threat Analyst at Bitdefender®, discusses why solving the cyber security skills shortage must focus on collaboration between industry and education.
4.5 million cyber security experts will be needed worldwide by 2019 highlighting a significant demand for niche talent among one of the world’s fastest growing industries. Despite this, over 12 million adults in the UK currently lack basic digital skills , with almost 10 per cent of the UK population found to have never used the internet. A recent audit found that while the UK requires 745,000 extra digitally skilled workers by 2017, the UK Government had only been able to recruit 70 per cent of the computer science teachers required – with only 35 per cent of those holding a relevant qualification.
Further research has found that 90 per cent of major businesses in the UK had a security breach in 2015, with the UK Government recently announcing a new £500,000 fund to help educate students on how cyber risks can be best mitigated. To help achieve this education goal, the UK Government has also recently announced the launch of a new National Cybersecurity Academy. Piloted in the University of South Wales’ Newport campus, the academy is a collaboration between the university and a number of international businesses.
We have already seen the result of poor or lacking security implementation, with numerous organisations – and even nuclear power plants – recently infected with malware. With machine-to-machine communication and technologies such as the Internet of Things (IoT) making their way into mainstream business practices, a lack of qualified security professionals poses a significant risk to the viability of these new ventures. Poor security practices can have serious financial and reputational implications, making education in security a well-overdue essential in solving the skills shortage.
Educating for security – how can the skills shortage be plugged?
One of the fastest ways to address the skills shortage in the short term is to import seasoned security experts – gaining their assistance in both securing critical infrastructure and passing on their knowledge to others. When considering the speed at which cyber threats evolve, however, we must adopt a flexible approach. The security industry is constantly developing automated technologies that can learn for themselves in order to identify new threats, and is shifting from specialist-led cyber security practices to one of automated technology and smart algorithms. This shift must be addressed at a foundation level of education, with industry collaboration at the forefront.
Industry-led collaboration between educational bodies and existing cyber security experts means students are able to keep pace with the rapidly changing landscape, learning at the knee of current industry experts. For example, 65 per cent of the information security classes offered in one Romanian University are both designed and led by Bitdefender experts. This means that students not only receive the most up-to-date education possible, but that a greater number of students gain industry-ready qualifications, reducing the time spent by businesses bringing new members of staff up to speed.
Solving the skills shortage through a collaborative approach
While the recently announced launch of a National Cyber security Academy is a step in the right direction, it will take a number of years before those students become cyber security experts. In the past, a key way of passing on industry knowledge was through apprenticeship schemes, although in recent years this method has been in decline, with businesses favouring the education system alone to ensure they have access to the right talent.
The current predicament facing the UK is not only one of a low number of security professionals at the end of the educational funnel, but a low number of qualified staff to educate the next generation of specialists. While in the short term the importation of skilled cyber security experts will allow the UK to plug its current gap, in order to solve this issue in the long term this shortage must be addressed from the ground up with increased collaboration from the security industry. Investing in security science as a discipline taught in schools and universities is essential, but the right foundations must first be put in place to ensure a maximum return on this investment.
About the author:
Bogdan Botezatu, Senior E-threat Analyst at Bitdefender
Bogdan has been an integral part of Bitdefender since 2007 and is an expert in cyberwarfare, mobile security and malware affecting social networks. As Senior E-threat Analyst, Bogdan was part of the team that developed the popular Bitdefender USB Immunizer and Bitdefender Removal Tools.
Bogdan is also the author of widely read security books, including Malware History, Securing Wireless Networks and the Safe Blogging Guide. He has spoken at various computer security conferences around the world, including IPEXPO and DefCAMP, as well as international seminars such as “Current Methods for Combating Cybercrime”, organised by IMPACT Alliance.